Jetimob Plataforma Imobiliaria Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in Jetimob Plataforma Imobiliaria version 20240627-0. The issue occurs in the 'Pessoas' section, specifically within the 'Profissão' field. When creating or editing a profile, malicious scripts can be injected and are executed whenever the profile is viewed.

Impact

Exploiting this vulnerability results in stored cross-site scripting: the injected script is saved with the profile and executes in the context of the user viewing the profile.

Reproduction

To reproduce this vulnerability, create or edit a profile in the 'Pessoas' section of Jetimob Plataforma Imobiliaria version 20240627-0. Inject a script payload, such as an image tag with an 'onerror' event, into the 'Profissão' field. Once the profile is saved, the injected script will execute when the profile is loaded.
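
The rendering pattern behind this behaviour and its corrected form, as an added example that is not Jetimob's code: the field name `profissao`, the markup, the helper names and the sample records are all assumptions made for illustration. It encodes the field on output, includes a regression check on the rendered field, and flags already-stored records that contain markup.

```javascript
// Added example. The field name `profissao`, the markup and all sample
// records are constructed for illustration; this is not Jetimob's code.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a stored value for HTML text or a quoted attribute value.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pattern behind the reported behaviour: stored text is emitted as markup.
function renderProfileUnsafe(person) {
  return `<dl><dt>Profissão</dt><dd>${person.profissao}</dd></dl>`;
}

// Corrected pattern: encode on output, every time the field is rendered.
function renderProfileSafe(person) {
  return `<dl><dt>Profissão</dt><dd>${escapeHtml(person.profissao)}</dd></dl>`;
}

// Regression check: true if the rendered field body still contains a tag.
function fieldEmitsMarkup(html) {
  const match = /<dd>([\s\S]*)<\/dd>/.exec(html);
  return match !== null && /<[a-z!\/?]/i.test(match[1]);
}

// Cleanup aid: ids of already-stored records whose field holds markup.
function findSuspectRecords(records) {
  return records
    .filter((r) => /<[a-z!\/?]/i.test(String(r.profissao ?? '')))
    .map((r) => r.id);
}

// Constructed sample data.
const SAMPLE_RECORDS = [
  { id: 1, profissao: 'Corretor de imóveis' },
  { id: 2, profissao: 'Engenheiro & Arquiteto' },
  { id: 3, profissao: '<img src=x onerror=alert(1)>' },
];

for (const person of SAMPLE_RECORDS) {
  console.log(person.id, fieldEmitsMarkup(renderProfileUnsafe(person)),
    fieldEmitsMarkup(renderProfileSafe(person)));
}
```

Encoding at output time neutralizes values that were stored before the fix; the record scan is for finding and reviewing those entries.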

Added: Jun 10, 2025, 8:21 PM
Updated: Jun 10, 2025, 8:21 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 6.3
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.